Law Commons^™

The 2007 Analysis Of Information Remaining On Disks Offered For Sale On The Second Hand Market, Andy Jones, Craig Valli, Glenn S. Dardick, Iain Sutherland

Journal of Digital Forensics, Security and Law

All organisations, whether in the public or private sector, increasingly use computers and other devices that contain computer hard disks for the storage and processing of information relating to their business, their employees or their customers. Individual home users also increasingly use computers and other devices containing computer hard disks for the storage and processing of information relating to their private, personal affairs. It continues to be clear that the majority of organisations and individual home users still remain ignorant or misinformed of the volume and type of information that is stored on the hard disks that these devices contain …

Steganography: Forensic, Security, And Legal Issues, Merrill Warkentin, Ernst Bekkering, Mark B. Schmidt

Journal of Digital Forensics, Security and Law

Steganography has long been regarded as a tool used for illicit and destructive purposes such as crime and warfare. Currently, digital tools are widely available to ordinary computer users also. Steganography software allows both illicit and legitimate users to hide messages so that they will not be detected in transit. This article provides a brief history of steganography, discusses the current status in the computer age, and relates this to forensic, security, and legal issues. The paper concludes with recommendations for digital forensics investigators, IT staff, individual users, and other stakeholders.

What Is 'Private' Data?, Karen Mccullagh

Karen McCullagh

The development of a frontier-free Internal Market and of the so-called 'information society' have resulted in an increase in the flow of personal data between EU Member States. To remove potential obstacles to such transfers data protection legislation was introduced. One of the underpinning principles of Directive 95/46/EC is the protection of privacy. Yet, the legislation does not provide a conclusive understanding of the terms ‘privacy’ or ‘private’ data. Rather, privacy protection is to be achieved through the regulation of the conditions under which personal data may be processed. An assessment of whether, 10 years after the enactment of the …

Dredging Up The Past: Lifelogging, Memory And Surveillance, Anita L. Allen

All Faculty Scholarship

The term “lifelog” refers to a comprehensive archive of an individual's quotidian existence, created with the help of pervasive computing technologies. Lifelog technologies would record and store everyday conversations, actions, and experiences of their users, enabling future replay and aiding remembrance. Products to assist lifelogging are already on the market; but the technology that will enable people fully and continuously to document their entire lives is still in the research and development phase. For generals, edgy artists and sentimental grandmothers alike, lifelogging could someday replace or complement, existing memory preservation practices. Like a traditional diary, journal or day-book, the lifelog …

Analysis Of Information Remaining On Hand Held Devices Offered For Sale On The Second Hand, Andy Jones, Craig Valli, Iain Sutherland

Journal of Digital Forensics, Security and Law

The ownership and use of mobile phones, Personal Digital Assistants and other hand held devices is now ubiquitous both for home and business use. The majority of these devices have a high initial cost, a relatively short period before they become obsolescent and a relatively low second hand value. As a result of this, when the devices are replaced, there are indications that they tend to be discarded. As technology has continued to develop, it has led to an increasing diversity in the number and type of devices that are available, and the processing power and the storage capacity of …

The Virtuous Spy: Privacy As An Ethical Limit, Anita L. Allen

All Faculty Scholarship

Is there any reason not to spy on other people as necessary to get the facts straight, especially if you can put the facts you uncover to good use? To “spy” is secretly to monitor or investigate another's beliefs, intentions, actions, omissions, or capacities, especially as revealed in otherwise concealed or confidential conduct, communications and documents. By definition, spying involves secret, covert activity, though not necessarily lies, fraud or dishonesty. Nor does spying necessarily involve the use of special equipment, such as a tape recorder or high-powered binoculars. Use of a third party agent, such as a “private eye” or …

Privacy, Crime And Terror: Legal Rights And Security In A Time Of Peril By Stanley A. Cohen (Markham: Lexisnexis Butterworths, 2005), Teresa Scassa

Canadian Journal of Law and Technology

It is now trite to say that the events of September 11, 2001 have had a profound impact on our national security, in terms of its institutional and normative dimensions, and also in terms of a more general public anxiety. The hastily enacted Anti-terrorism Act of 2001 brought about significant changes to a wide range of statutes including, among others, the Criminal Code, the Official Secrets Act, the Canada Evidence Act, and the Proceeds of Crime (Money Laundering) Act. An early conference and resultant book on the Anti-terrorism Act raised serious concerns about the potential impact of the changes on …

In Sickness, Health, And Cyberspace: Protecting The Security Of Electronic Private Health Information, Sharona Hoffman, Andy Podgurski

ExpressO

The electronic processing of health information provides considerable benefits to patients and health care providers at the same time that it creates serious risks to the confidentiality, integrity, and availability of the data. The Internet provides a conduit for rapid and uncontrolled dispersion and trafficking of illicitly-obtained private health information, with far-reaching consequences to the unsuspecting victims. In order to address such threats to electronic private health information, the U.S. Department of Health and Human Services enacted the HIPAA Security Rule, which thus far has received little attention in the legal literature. This article presents a critique of the Security …

Privacy And Access To Public Records In The Information Age, Sol Bermann

ExpressO

Online public record access brings a wealth of benefits ranging from greater government access and accountability to increased cost-savings and efficiencies. However, due to the presence of highly sensitive, personal data, an increase in public records access also brings potential dangers, including heightened risk of identity theft and frivolous snooping into the affairs of others.

Historically, public records have had some measure of public accessibility in order to empower citizens with the ability to observe the goings-on of government, leading to greater government accountability. Until the rise of the internet, citizens have had their privacy protected through practical obscurity (the …

Personal Medical Information: Privacy Or Personal Data Protection?, Wilhelm Peekhaus

Canadian Journal of Law and Technology

Some of the existing literature concerning the privacy of health information seems to suggest that medical information has a particularly special nature; either through its oft-cited association with dignity or the need for its ‘‘unobstructed’’ use by health care practitioners for a variety of reasons. It is against such a backdrop that this paper will review and compare a number of legislative mechanisms that have been designed to meet the challenge of safeguarding the privacy of personal information without completely hindering the continued flow of information required by economic and health care systems. An attempt will be made to situate …

The Privacy Gambit: Toward A Game Theoretic Approach To International Data Protection, Horace E. Anderson

Elisabeth Haub School of Law Faculty Publications

This article briefly explores several scenarios in which economic actors compete and cooperate in order to capture the value in personal information. The focus then shifts to one particular scenario: the ongoing interaction between the United States and the European Union in attempting to construct data protection regimes that serve the philosophies and citizens of each jurisdiction as well as provide a strategic economic advantage. A game theoretic model is presented to explain the course of dealings between the two actors, including both unilateral and bilateral actions. Part I ends with an exploration of opportunities for seizing competitive advantage, and …

'Code' And The Slow Erosion Of Privacy, Bert-Jaap Koops, Ronald Leenes

Michigan Telecommunications & Technology Law Review

The notion of software code replacing legal code as a mechanism to control human behavior--"code as law"--is often illustrated with examples in intellectual property and freedom of speech. This Article examines the neglected issue of the impact of "code as law" on privacy. To what extent is privacy-related "code" being used, either to undermine or to enhance privacy? On the basis of cases in the domains of law enforcement, national security, E-government, and commerce, it is concluded that technology rarely incorporates specific privacy-related norms. At the same time, however, technology very often does have clear effects on privacy, as it …

‘Code’ And The Slow Erosion Of Privacy, Ronald Leenes, Bert-Jaap Koops

ExpressO

The notion of software code replacing legal code as a mechanism to control human behavior – ‘code as law’ – is often illustrated with examples in intellectual property and freedom of speech. This article examines the neglected issue of the impact of ‘code as law’ on privacy. To what extent is privacy-related ‘code’ being used, either to undermine or to enhance privacy? On the basis of cases in the domains of law enforcement, national security, E-government, and commerce, it is concluded that technology rarely incorporates specific privacy-related norms. At the same time, however, technology very often does have clear effects …

Material Vulnerabilities: Data Privacy, Corporate Information Security And Securities Regulation, Andrea M. Matwyshyn

ExpressO

This article undertakes a normative and empirical legal inquiry into the manner information security vulnerabilities are being addressed through law and in the marketplace. Specifically, this article questions the current legislative paradigm for information security regulation by presenting a critique grounded in information security and cryptography theory. Consequently, this article advocates shifting our regulatory approach to a process-based security paradigm that focuses on improving security of our system as a whole. Finally, this article argues that in order to accomplish this shift with least disruption to current legal and economic processes, expanding an existing set of well-functioning legal structures is …

Radio Frequency Id And Privacy With Information Goods, Laura Quilter, Nathan Good, John Han, Elizabeth Miles, David Molnar, Deirdre Mulligan, Jennifer M. Urban, David Wagner

Laura Quilter

No abstract provided.

Radio Frequency Id And Privacy With Information Goods, Laura Quilter, Nathan Good, John Han, Elizabeth Miles, David Molnar, Deirdre Mulligan, Jennifer M. Urban, David Wagner

Jennifer M. Urban

No abstract provided.

Cyberspace Cartography: The Case Of On-Line Territorial Privacy, Daniel Benoliel

ExpressO

Territorial privacy, one of the central categories of privacy protection, involves setting limit boundaries on intrusion into an explicit space or locale. Initially, the Restatement (Second) of Torts, which defined the privacy tort of intrusion, as applied by courts, most notably designated two classes of excluded areas: “private” places in which the individual can expect to be free from intrusion, and “non-private” places, in which the individual does not have a recognized expectation of privacy. In the physical world, courts ultimately held almost uniformly that the tort of intrusion could not occur in a public place or in a place …

Information Privacy In Virtual Worlds: Identifying Unique Concerns Beyond The Online And Offline Worlds, Tal Z. Zarksy

NYLS Law Review

No abstract provided.

A Gradual Shift In U.S. Privacy Laws Towards A Comprehensive Regime , Kamaal R. Zaidi

ExpressO

This paper examines the current trends in a predominantly sectoral U.S. privacy regime that appears to be becoming more comprehensive in nature with respect to data privacy protection. This trend has been greatly attributed to the European Union's comprehensive position on data privacy protection. This paper investigates the growth in U.S. data privacy protection in relation to federal and state legislative history, federal administrative procedures, and private industry efforts. This shift from sectoral to comprehensive regimes is significant in the backdrop of U.S-EU trade relations.

4th Annual Computer & Technology Law Institute, Office Of Continuing Legal Education At The University Of Kentucky College Of Law

Continuing Legal Education Materials

Materials from the 4th Annual Computer & Technology Law Institute held by UK/CLE in November 2002.

Computer Searches And Seizures: Some Unresolved Issues, Susan W. Brenner, Barbara A. Frederiksen

Michigan Telecommunications & Technology Law Review

The goal of this article is to illustrate the issues that arise in the context of computer search and seizures by examining several areas in which the application of Fourth Amendment concepts to computer searches and/or seizures can be problematic. In order to illustrate this point, the article will build on a hypothetical. The hypothetical situation assumes law enforcement officers have lawfully obtained a warrant to search for and seize evidence concerning the commission of one or more crimes. It will also be assumed that computer technology played some role in the commission of these crimes, so computer equipment and …

The Magic Lantern Revealed: A Report Of The Fbi's New Key Logging Trojan And Analysis Of Its Possible Treatment In A Dynamic Legal Landscape, Woodrow Hartzog

Faculty Scholarship

Magic Lantern presents several difficult legal questions that are left unanswered due to new or non-existent statutes and case law directly pertaining to the unique situation that Magic Lantern creates. ²⁵ The first concern is statutory. It is unclear what laws, if any, will apply when Magic Lantern is put into use.²⁶ The recent terrorist attacks in the United States have brought the need for information as a matter of national security to the forefront. Congress recently passed legislation (i.e. USA PATRIOT Act) ²⁷ that dramatically modifies current surveillance law, thus further complicating the untested waters of a …

2nd Annual Computer & Technology Law Institute, Office Of Continuing Legal Education At The University Of Kentucky College Of Law, Carlyle C. Ring, Holly K. Towle, Timothy E. Nielander, John G. Hundley, J. Mark Grundy, Matthew M. Clark, David E. Fleenor, William L. Montague Jr., Jack E. Toliver, Joel T. Beres, Cynthia L. Stewart, Kenneth J. Tuggle, Kenneth R. Sagan, Stephen E. Gillen

Continuing Legal Education Materials

Materials from the 2nd Annual Computer & Technology Law Institute held by UK/CLE in March 2000.

Principles Of Internet Privacy, Fred H. Cate

Articles by Maurer Faculty

The definition of privacy developed by Brandeis and Warren and Prosser, and effectively codified by Alan Westin in 1967 - the claim of individuals, groups, or institutions to determine for themselves when, how, and to what extent information about them is communicated to others - worked well in a world in which most privacy concerns involved physical intrusions (usually by the government) or public disclosures (usually by the media), which, by their very nature, were comparatively rare and usually discovered.

But that definition's exclusive focus on individual control has grown incomplete in a world in which most privacy concerns involve …

The Changing Face Of Privacy Protection In The European Union And The United States, Fred H. Cate

Articles by Maurer Faculty

Among the wide variety of national and multinational legal regimes for protecting privacy, two dominant models have emerged, reflecting two very different approaches to the control of information. The European Union has enacted a sweeping data protection directive that imposes significant restrictions on most data collection, processing, dissemination, and storage activities, not only within Europe, but throughout the world if the data originates in a member state. The United States has taken a very different approach that extensively regulates government processing of data, while facilitating private, market-based initiatives to address private sector data processing.

Under the EU data protection directive, …

High-Tech Heroes, Virtual Villians, And Jacked-In Justice: Visions Of Law And Lawyers In Cyberpunk Science Fiction, Walter Effross

Articles in Law Reviews & Other Academic Journals

No abstract provided.

Piracy, Privacy, And Privitization: Fictional And Legal Approaches To The Electronic Future Of Cash, Walter Effross

Articles in Law Reviews & Other Academic Journals

No abstract provided.

The Eu Data Protection Directive, Information Privacy, And The Public Interest, Fred H. Cate

Articles by Maurer Faculty

No abstract provided.

A Contractual Approach To Data Privacy, Stephanos Bibas

All Faculty Scholarship

No abstract provided.

Scope Of The Uniform Commercial Code: Advances In Technology And Survey Of Computer Contracting Cases, Harold R. Weinberg, Ameila H. Boss, William J. Woodward Jr.

Law Faculty Scholarly Articles

Since the 1940s, the technology revolution has enabled people to communicate electronically. Sitting at a computer terminal connected to a modem and a telephone wire, it is possible to send a message anywhere in the country (or throughout the world)—to another computer, to a telecopy or telefax machine, even to a telephone. Paper is being replaced by electronic signals as a mode of communication. This revolution calls into question some of the fundamental rules upon which our contracts and the U.C.C. were built. On a broader scale, electronic communication raises issues that include the rights and responsibilities of providers and …